[j-nsp] building a gre tunnel between two juniper boxes (one behind a NAT)
Simon Chen
simonchennj at gmail.com
Fri Jan 28 19:42:24 EST 2011
On Fri, Jan 28, 2011 at 7:18 PM, Jonathan Lassoff <jof at thejof.com> wrote:
> On Fri, Jan 28, 2011 at 4:02 PM, Simon Chen <simonchennj at gmail.com> wrote:
>> Hi all,
>>
>> This might be a stupid question...
>>
>> I am trying to configure a GRE tunnel between two Juniper routers. One
>> is connecting to the Internet with a public IP, the other one is
>> unfortunately behind a broadband router --- this is a temporary setup,
>> but I need to get it to work...
>
> Unfortunately, since GRE is an IP protocol, it requires having two IPs
> on the endpoints that can route directly to one another, or in your
> case a NAT router that can support forwarding IP protocol 47 to your
> NATed endpoint.
>
>> What is my best option to build a GRE tunnel betweent these two
>> routers? I am not sure if GRE would still work if one side is behind a
>> NAT. I can potentially make the second router into DMZ, but it must
>> run a dhcp client, which I don't think it's there...
>
> JunOS has a DHCP client, just set the "dhcp" option under your iff
> (interface .... family ....) interface and any associated options that
> you'd like.
>
> Cheers,
> jof
>
Will try and report back...
Thanks!
-Simon
More information about the juniper-nsp
mailing list